/****************************************************************************
 *
 * Copyright (C) 2003-2008 Los Alamos National Security, LLC
 *                         Packet Analytics Corporation
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License Version 2 as
 * published by the Free Software Foundation.  You may not use, modify or
 * distribute this program under any other version of the GNU General
 * Public License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 *
 ****************************************************************************/
package nfse.gui.server;

import java.security.NoSuchAlgorithmException;

import nfse.NetFSE;
import nfse.NetFSEUtil;

import org.acegisecurity.AuthenticationException;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;

public class AuthenticationProvider extends
		AbstractUserDetailsAuthenticationProvider implements UserDetailsService {

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider
	 * #
	 * additionalAuthenticationChecks(org.acegisecurity.userdetails.UserDetails,
	 * org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
	 */
	@Override
	protected void additionalAuthenticationChecks(UserDetails userDetails,
			UsernamePasswordAuthenticationToken authentication)
			throws AuthenticationException {
		// Nothing to do here.

	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider
	 * #retrieveUser(java.lang.String,
	 * org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
	 */
	@Override
	protected UserDetails retrieveUser(String userName,
			UsernamePasswordAuthenticationToken authentication)
			throws AuthenticationException {

	    User temp = NetFSE.getUser(userName);
		if (temp == null ) {
			throw new BadCredentialsException("Invalid Credentials");
		}
		
		String hashHex = "";
		try {
			hashHex = NetFSEUtil.encodePassword(authentication.getCredentials().toString());
		} catch (NoSuchAlgorithmException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
		if ( !temp.getPassword().equals(hashHex)) {
		    throw new BadCredentialsException("Invalid Credentials");
		}
		
		//authentication.setAuthenticated(true);
		  
		return temp;
	}

	public UserDetails loadUserByUsername(String userName)
			throws UsernameNotFoundException, DataAccessException {
		User user = NetFSE.getUser(userName);
		if (user == null) {
			throw new UsernameNotFoundException(userName);
		}
		return user;
	}

}
